Using client certificate in c# web application on Azure IIS
Question
I have ac# web API that uses a client certificate in order to connect to a third party identification provider (BankID https://www.bankid.com/en/ ).
When running in Visual Studio the connection handshake works fine. But then I deploy it to IIS running on a Virtual Machine on Azure, and for some reason now it doesn't work as expected, and instead I get an Exception:
"The request was aborted: Could not create SSL/TLS secure channel."
I've installed Visual Studio on the VM, and verified that it works; and I've installed IIS on ly local machine and verified that it works. So it seems to be a combination if IIS on Azure VM:s.
At first I thought it could be that the client certificate was'nt picked up from the certificate store. But I added handling of "no certificate found", and this doesn't trigger.
I've also tried the alternative of picking up the certificate from file. But this doesn't work either.
Would appreciate some help!
2 answers
solution1
0 2017-10-04 19:26:13
Try putting this in your constructor:
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11;
solution2
0 2017-10-05 08:56:11
I managed to figure out what the problem was. The IIS user (IIS_IUSRS) didn't have the permission to use the private key. So it wasn't actually related to Azure.
For anyone running into the same issue, look at the detailed answer here: https://stackoverflow.com/a/2647003/8721876 .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.